OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: squiddylicious on August 03, 2020, 03:56:34 pm

Title: Hardening the TLS interception config
Post by: squiddylicious on August 03, 2020, 03:56:34 pm
Recently some researchers tested several appliances for TLS interception. Among them is also OPNsense (they use "opensense"). It's a fairly lengthy but interesting publication:
https://dl.acm.org/doi/10.1145/3372802
The Sorry State of TLS Security in Enterprise Interception Appliances

There were also some issues with OPNsense. Maybe they are already fixed, or the researchers have already contacted the team?
If this is not the case, do you know any config options for squid to mitigate these issues?